flaschengeist/geruecht/controller/ldapController.py

from geruecht import ldap
from ldap3 import SUBTREE, Connection
from geruecht.model import MONEY, USER, GASTRO, BAR
from geruecht.exceptions import PermissionDenied
from . import Singleton
import traceback

class LDAPController(metaclass=Singleton):
    '''
    Authentification over LDAP. Create Account on-the-fly
    '''

    def __init__(self, dn='dc=ldap,dc=example,dc=local'):
        self.dn = dn
        self.ldap = ldap


    def login(self, username, password):
        try:
            retVal = self.ldap.authenticate(username, password, 'uid', self.dn)
            if not retVal:
                raise PermissionDenied("Invalid Password or Username")
        except Exception as err:
            traceback.print_exception(err)
            raise PermissionDenied("Wrong username or password.")

    def getUserData(self, username):
        try:
            self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
            user = self.ldap.connection.response[0]['attributes']
            retVal = {
                'dn': self.ldap.connection.response[0]['dn'],
                'firstname': user['givenName'][0],
                'lastname': user['sn'][0],
                'uid': username
            }
            return retVal
        except:
            raise PermissionDenied("No User exists with this uid.")


    def getGroup(self, username):
        try:
            retVal = []
            self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['gidNumber'])
            main_group_number = self.ldap.connection.response[0]['attributes']['gidNumber']
            if main_group_number:
                group_data = self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
                group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
                if group_name == 'ldap-user':
                    retVal.append(USER)

            self.ldap.connection.search('ou=group,{}'.format(self.dn), '(memberUID={})'.format(username), SUBTREE, attributes=['cn'])
            groups_data = self.ldap.connection.response
            for data in groups_data:
                group_name = data['attributes']['cn'][0]
                if group_name == 'finanzer':
                    retVal.append(MONEY)
                elif group_name == 'gastro':
                    retVal.append(GASTRO)
                elif group_name == 'bar':
                    retVal.append(BAR)
            return retVal
        except Exception as err:
            traceback.print_exception(err)

    def __isUserInList(self, list, username):
        help_list = []
        for user in list:
            help_list.append(user['username'])
        if username in help_list:
            return True
        return False

    def getAllUser(self):
        retVal = []
        self.ldap.connection.search()
        self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid=*)', SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
        data = self.ldap.connection.response
        for user in data:
            if 'uid' in user['attributes']:
                username = user['attributes']['uid'][0]
                firstname = user['attributes']['givenName'][0]
                lastname = user['attributes']['sn'][0]
                retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
        return retVal

    def searchUser(self, searchString):

        name = searchString.split(" ")

        for i in range(len(name)):
            name[i] = "*"+name[i]+"*"


        print(name)

        name_result = []

        if len(name) == 1:
            if name[0] == "**":
                self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid=*)', SUBTREE,
                                                attributes=['uid', 'givenName', 'sn'])
                name_result.append(self.ldap.connection.response)
            else:
                self.ldap.connection.search('ou=user,{}'.format(self.dn), '(givenName={})'.format(name[0]), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
                name_result.append(self.ldap.connection.response)
                self.ldap.connection.search('ou=user,{}'.format(self.dn), '(sn={})'.format(name[0]), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
                name_result.append(self.ldap.connection.response)
        else:
            self.ldap.connection.search('ou=user,{}'.format(self.dn), '(givenName={})'.format(name[1]), SUBTREE, attributes=['uid', 'givenName', 'sn'])
            name_result.append(self.ldap.connection.response)
            self.ldap.connection.search('ou=user,{}'.format(self.dn), '(sn={})'.format(name[1]), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
            name_result.append(self.ldap.connection.response)
        retVal = []

        for names in name_result:
            for user in names:
                if 'uid' in user['attributes']:
                    username = user['attributes']['uid'][0]
                    if not self.__isUserInList(retVal, username):
                        firstname = user['attributes']['givenName'][0]
                        lastname = user['attributes']['sn'][0]
                        retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})

        return retVal


if __name__ == '__main__':
    a = LDAPController()
    a.getUserData('jhille')